{"id":"CVE-2019-7317","details":"png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.","modified":"2026-02-24T01:18:56.469085Z","published":"2019-02-04T08:29:00.447Z","related":["CGA-fq2m-44cx-vmpr","MGASA-2019-0126","MGASA-2019-0190","MGASA-2019-0191","SUSE-SU-2019:1388-1","SUSE-SU-2019:1398-1","SUSE-SU-2019:1398-2","SUSE-SU-2019:1405-1","SUSE-SU-2019:14160-1","SUSE-SU-2019:14188-1","SUSE-SU-2019:1458-1","SUSE-SU-2019:2002-1","SUSE-SU-2019:2021-1","SUSE-SU-2019:2028-1","SUSE-SU-2019:2036-1","SUSE-SU-2019:2036-2","SUSE-SU-2019:2291-1","SUSE-SU-2019:2336-1","SUSE-SU-2019:2371-1","SUSE-SU-2019:3060-2","openSUSE-SU-2019:1530-1","openSUSE-SU-2019:1534-1","openSUSE-SU-2019:1664-1","openSUSE-SU-2019:1912-1","openSUSE-SU-2019:1916-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:10871-1","openSUSE-SU-2024:10872-1","openSUSE-SU-2024:10876-1","openSUSE-SU-2024:10972-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/108098"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/108098"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2494"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2495"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2585"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2590"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2592"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2737"},{"type":"ADVISORY","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803"},{"type":"ADVISORY","url":"https://github.com/glennrp/libpng/issues/275"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Apr/30"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Apr/36"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/May/56"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/May/59"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/May/67"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201908-02"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190719-0005/"},{"type":"ADVISORY","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3962-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3991-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3997-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4080-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4083-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4435"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4448"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4451"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"type":"ADVISORY","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803"},{"type":"REPORT","url":"https://github.com/glennrp/libpng/issues/275"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/Apr/30"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/Apr/36"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/May/56"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/May/59"},{"type":"REPORT","url":"https://seclists.org/bugtraq/2019/May/67"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"},{"type":"ARTICLE","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"},{"type":"ARTICLE","url":"https://seclists.org/bugtraq/2019/Apr/30"},{"type":"ARTICLE","url":"https://seclists.org/bugtraq/2019/Apr/36"},{"type":"ARTICLE","url":"https://seclists.org/bugtraq/2019/May/56"},{"type":"ARTICLE","url":"https://seclists.org/bugtraq/2019/May/59"},{"type":"ARTICLE","url":"https://seclists.org/bugtraq/2019/May/67"},{"type":"EVIDENCE","url":"https://github.com/glennrp/libpng/issues/275"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/libtiff/libtiff","events":[{"introduced":"0"},{"fixed":"f7b79dc7dc86ccbaabe9882e2b9ffa5ee8dac917"}]}],"versions":["v3.5.3","v3.5.4","v3.5.5","v3.5.7","v3.6.0","v3.6.0beta2","v3.6.1","v3.7.0","v3.7.0alpha","v3.7.0beta","v3.7.0beta2","v3.7.1","v3.7.2","v3.7.3","v3.7.4","v3.8.0","v3.8.1","v3.8.2","v4.0.0alpha","v4.0.0alpha4","v4.0.0alpha5","v4.0.0alpha6","v4.0.0beta7"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-7317.json","vanir_signatures":[{"signature_type":"Function","deprecated":false,"target":{"file":"libtiff/tif_lzma.c","function":"LZMADecode"},"source":"https://gitlab.com/libtiff/libtiff@f7b79dc7dc86ccbaabe9882e2b9ffa5ee8dac917","digest":{"function_hash":"207208958033309643961658472027306269514","length":1650},"id":"CVE-2019-7317-dfd9b952","signature_version":"v1"},{"signature_type":"Line","deprecated":false,"target":{"file":"libtiff/tif_lzma.c"},"source":"https://gitlab.com/libtiff/libtiff@f7b79dc7dc86ccbaabe9882e2b9ffa5ee8dac917","digest":{"threshold":0.9,"line_hashes":["83735383308701105806633254192405515516","297151727776609117273041335871543415477","83489008549350845020780847220869080280","109231922170225855438601431601770869641","237257911720793150025722719320423673589"]},"id":"CVE-2019-7317-ff63d6e8","signature_version":"v1"}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}